In a WP-based site I have a custom form which I need to hide from the general public and give access to only a select few who would then get a password from me, enter it and access the form and submit it. On form submission, I redirect them to another page. I have employed this bit of code below in my functions.php, which logs them out of the password-protected page, once redirected:
add_action( 'wp', 'post_pw_sess_expire' );
function post_pw_sess_expire() {
if ( isset( $_COOKIE['wp-postpass_' . COOKIEHASH] ) )
// Setting a time of 0 in setcookie() forces the cookie to expire with the session
setcookie('wp-postpass_' . COOKIEHASH, '', 0, COOKIEPATH);
}
Now the twist: once any of these select few are logged out of the password-protected page, I need the password to become invalid. Not necessarily, but sort of like a one-time password. A solution would be great, or please give me some pointers or alternatives if it’s not possible.